British Airways hit by data breach

Information stolen in fortnight from August 21st included personal and financial details

The breach at British Airways came at the height of the summer season. Photograph: AFP

British Airways has disclosed that for two weeks from August 21st, hackers stole customer data from its website and mobile app. BA said the stolen information was personal and financial details, but not did not relate to travel or passports.

It said it had resolved the breach, contacted affected customers, and notified authorities, which include the UK Information Commissioner’s Office.

Alex Cruz, BA's chairman and chief executive, said: "We are deeply sorry for the disruption that this criminal activity has caused. We take the protection of our customers' data very seriously."

The breach came at the height of the summer season.


In April this year, Delta Air Lines announced one of its suppliers had been the victim of a data breach, while last week Air Canada said its mobile app had been breached, potentially affecting 20,000 people.

‘Hyper-connected model’

In May 2018, a report from PA Consulting, said a “hyper-connected model” where passengers in airports wanted fast internet and digital engagement with airlines and retailers brought “a larger attack surface for cyber criminals to exploit”.

There were 1,000 cyber attacks each month on aviation systems in 2016, according to the European Aviation Safety Agency.

Last year, Latam Airlines and Ukraine's Boryspil airport were indiscriminately hit by ransomware, and in 2016 Vietnam Airlines had to carry out its operations at airports by hand after hackers took down its website.

In August, traffic on IAG, the parent group of BA and Iberia, grew 7 per cent over the previous year in terms of available seat kilometres, a standard industry unit. – Copyright The Financial Times Limited 2018